Техническая информация
- <SYSTEM32>\rundll32.exe ""%TEMP%\ins1.tmp"",jufwyscuoumnb install
- %TEMP%\ins1.tmp
- 'ko##n.ce.ms':80
- ko##n.ce.ms/uQpLovUHTYZqLJOwnHJndw7BGaEnjGM1NX/qjUKyMAFVHVJ+SL20Q2WJGwpKWhIeuVKhl0kJeFkbDmNdztrQPQd58gkLKRuh45oaSNMKma+tQg==
- ko##n.ce.ms/RYnhuVcDX4Gm0nd3lp5GlVa3ZirMAAOayf8NtL5rRGfQqj/tqKwak0Ubd1IuegPxryM6rvBzsvnTuzksDHe5f0vYzAP89rU6tA5ahTt4X0U6kW1EHV0qL5IYebJfYfTs9ctKqxhEYrHBfjQ9QgyR/tptdULF7CnCBPL8fWo3Fngpf7NLJ29Hi91hHWAobskqZ5Ya720jQfQ=
- DNS ASK ko##n.ce.ms
- ClassName: 'Shell_TrayWnd' WindowName: ''